CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0885
https://notcve.org/view.php?id=CVE-2013-0885
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors. Google Chrome anterior a v25.0.1364.97 en Windows y Linux, y anterior a v25.0.1364.99 en Mac OS X, no restringe correctamente los privilegios de la API durante la interacción con el Chrome Web Store, el cual tiene un impacto no especificado. • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 89EXPL: 0CVE-2013-0886
https://notcve.org/view.php?id=CVE-2013-0886
23 Feb 2013 — Google Chrome before 25.0.1364.99 on Mac OS X does not properly implement signal handling for Native Client (aka NaCl) code, which has unspecified impact and attack vectors. Google Chrome antes v25.0.1364.99 en Mac OS X no aplica correctamente el manejo de señales para el codigo de Native Client (también conocido como NaCl), que tiene un impacto no especificado y vectores de ataque • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0887
https://notcve.org/view.php?id=CVE-2013-0887
23 Feb 2013 — The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict privileges during interaction with a connected server, which has unspecified impact and attack vectors. El proceso de herramientas para desarrolladores de Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, no restringe correctamente privilegios durante la interacción con un servidor conectado, lo cual tiene un impacto no ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0889
https://notcve.org/view.php?id=CVE-2013-0889
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file. Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, no fuerza al usuario adecuadamente antes de proceder con la descarga de un archivo, lo que podría facilitar a atacantes remotos la ejecuci... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0890
https://notcve.org/view.php?id=CVE-2013-0890
23 Feb 2013 — Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en la capa IPC en Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0891
https://notcve.org/view.php?id=CVE-2013-0891
23 Feb 2013 — Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob. Desbordamiento de entero en Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, permite a atacantes remotos provocar una denegación de servicio u otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2013-0892
https://notcve.org/view.php?id=CVE-2013-0892
23 Feb 2013 — Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en la capa IPC de Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, permite a atacantes remotos provocar una denegación de servicio u otro impacto a través de vectores desc... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0893
https://notcve.org/view.php?id=CVE-2013-0893
23 Feb 2013 — Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media. Condición de carrera en Google Chrome anterior a v25.0.1364.97 en Windows y Linux, y anterior a v25.0.1364.99 en Mac OS X, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado mediante vectores relacionados con media. • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0894
https://notcve.org/view.php?id=CVE-2013-0894
23 Feb 2013 — Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. Desbordamiento de búfer en la función vorbis_par... • http://git.chromium.org/gitweb/?p=chromium/deps/ffmpeg.git%3Ba=commit%3Bh=e1e70d9bb9852b7d099379afc95531a632a20ba5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0895
https://notcve.org/view.php?id=CVE-2013-0895
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors. Google Chrome antes de v25.0.1364.97 para Linux, y antes de v25.0.1364.99 para Mac OS X, no maneja correctamente las rutas durante la operaciones de copia, lo que podría hacer que sea más fácil para los atacantes remotos ejecutar programas arbitrarios a través de vecto... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •